From what I see Aikido safe chain wraps the actual executable for npm, pnpm, pip etc with a proxy server that intercepts the requests to it and checks them.
deptrust does not wrap any executable and queries the advisory and package information directly. My goal with it was more focused on using it in Claude Code/Codex.
Cofounder here, looks like formatting is a bit off. I do wonder why HN hasn’t invested in a better editor/display that could avoid these kind of display issues.
deptrust does not wrap any executable and queries the advisory and package information directly. My goal with it was more focused on using it in Claude Code/Codex.